/* **********************************************************
 * Copyright (c) 2007-2010 VMware, Inc.  All rights reserved.
 * **********************************************************/

/*
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * * Redistributions of source code must retain the above copyright notice,
 *   this list of conditions and the following disclaimer.
 *
 * * Redistributions in binary form must reproduce the above copyright notice,
 *   this list of conditions and the following disclaimer in the documentation
 *   and/or other materials provided with the distribution.
 *
 * * Neither the name of VMware, Inc. nor the names of its contributors may be
 *   used to endorse or promote products derived from this software without
 *   specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL VMWARE, INC. OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
 * DAMAGE.
 */

#include "dr_api.h"

static void
security_event(void *drcontext, void *source_tag, app_pc source_pc, app_pc target_pc,
               dr_security_violation_type_t violation, dr_mcontext_t *mcontext,
               dr_security_violation_action_t *action)
{
    static int violations = 0;

    const char *violation_str = NULL;
    switch (violation) {
    case DR_RCO_STACK_VIOLATION: violation_str = "stack execution violation"; break;
    case DR_RCO_HEAP_VIOLATION: violation_str = "heap execution violation"; break;
    case DR_RCT_RETURN_VIOLATION: violation_str = "return target violation"; break;
    case DR_RCT_INDIRECT_CALL_VIOLATION: violation_str = "call rct violation"; break;
    case DR_RCT_INDIRECT_JUMP_VIOLATION: violation_str = "jump rct violation"; break;
    default: violation_str = "unknown"; break;
    }

    dr_fprintf(STDERR, "security violation: \"%s\"\n", violation_str);
#if 0
    dr_fprintf(STDERR, "Source tag="PFX" pc="PFX" Target pc="PFX"\n",
              source_tag, source_pc, target_pc);
#endif

    violations++;

    if (violations == 1) {
        dr_fprintf(STDERR, "continuing...\n");
        *action = DR_VIOLATION_ACTION_CONTINUE;
    } else {
        dr_fprintf(STDERR, "terminating...\n");
        *action = DR_VIOLATION_ACTION_KILL_PROCESS;
#if 0
        dr_write_forensics_report(drcontext, dr_get_stdout_file(), violation,
                                  *action, "Fatal Violation");
#endif
    }
}

DR_EXPORT
void
dr_init(client_id_t id)
{
    dr_register_security_event(security_event);
}
